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DETAILED ACTION 

1. The instant application having Application No. 10/767429 has a total of 16 claims 
pending in the application; there are 3 independent claim and 1 3 dependent claims, all of which 
are ready for examination by the examiner. 

1. INFORMATION CONCERNING OATH/DECLARATION 

Oath/Declaration 

2. The application's oath/declaration has been reviewed by the examiner and is found to 
conform to the requirements prescribed in 37 C.F.R. 1.63. 

II. INFORMATION CONCERNING DRAWINGS 

Drawings 

3. The drawings received 30 January 2002 is in compliance with the provisions of 37 CFR 
1.84(p)(5). Accordingly, the drawings are being considered by the examiner. 

HI. OBJECTIONS TO THE SPECIFICATION 

Specification 

4. The specification is objected to as failing to provide proper antecedent basis for the 
claimed subject matter. See 37 CFR 1.75(d)(1) and MPEP § 608.01(o). Correction of the 
following is required: 

5. Applicant has claimed "a machine-readable medium" in claim 13. The specification does 
not disclose any machine-readable medium, therefore the specification is objected to. 
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IV. REJECTIONS BASED ON PRIOR ART 

Claim Rejections - 35 USC § 102 

6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 

basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

7. Claims 1-16 are rejected under 35 U.S.C. 102(b) as being anticipated by Shaath (US 
2002/0078295). 

As per claim 1, Shaath discloses "A method of forestalling actions that would defeat an 
access-control mechanism for a volume at least a portion of which is on a storage-device, 
communication between an input/output (I/O) initiator and the storage-device taking place via a 
stack of device objects (DOs) representing the volume, the method comprising: selectively 
preventing, at the stack-level, a change in characteristic information for the volume." [With 
respect to this limitation, Shaath discloses "Disposed between the application layer and the 
file system layer is a trap layer also referred to as a filter layer. Each file system access 
request that is transmitted from the application layer to the file system layer is intercepted 
by the trap layer. In the trap layer restrictions relating to access privileges are 
implemented. For example, some requests are blocked and error messages are returned to 
the application layer. Other requests are modified and the modified request passed onto the 
file system. When a data store is read only, a request to open a file for read write access is 
modified to an open file for read-only access; a request to delete a file is blocked and an 
error message is returned." (paragraph 0066, lines 9-21), where it is understood that the 
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stack level is associated with device objects representing different volumes, which is similar 
to a trap or filter layer which is associated with device drivers operating with storage 
mediums. "For example, a storage medium may indicate read-write access but may not 
support delete operations. Device drivers perform low level commands such as read and 
write. Delete, is a write operation, the device driver performing write operations to 
obfuscate of overwrite a file. As is evident, the device driver supports delete operations as 
does any read/write data store. However, by indicating to the trap layer that delete 
operations are not supported, all delete requests passed from the application layer for the 
specific data store are intercepted by the trap layer and an error message is returned to the 
application layer." (paragraph 0068, lines 3-14)] 

As per claim 2 5 Shaath discloses "receiving an input/output request packet (IRP) that is 
traversing a stack of device objects, the stack representing a data-storage device;" [With respect 
to this limitation, Shaath discloses "the file system driver accesses its IO stack location in 
the IRP to determine what operation to carry out, checks parameters, determines if the 
requested file is in cache memory, and if not sets up the next lower driver's IO stack 
location in the IRP" (paragraph 0044, lines 6-9) where file system driver receives IRP from 
IO manager] 

"determining whether the IRP represents a request to change characteristic information for the 
storage-volume to which the stack corresponds;" [With respect to this limitation, Shaath 
discloses "the file system driver accesses its IO stack location in the IRP to determine what 
operation to carry out" (paragraph 0004, lines 5-6)] 
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"and selectively failing the IRP depending upon the type of change being requested." [With 
respect to this limitation, Shaath discloses "For example, some requests are blocked and 
error messages are returned to the application layer. Other requests are modified and the 
modified request passed onto the file system. When a data store is read only, a request to 
open a file for read write access is modified to an open file for read-only access; a request to 
delete a file is blocked and an error message is returned." (paragraph 0066, lines 15-21)] 

As per claim 3, Shaath discloses "The method of claim 2, the method further comprising: 
checking whether the IRP is of a type meriting scrutiny;" [With respect to this limitation, 
Shaath discloses "If there were no higher-level driver, such a device driver would check 
whether the input parameters for an IRP MJ XXX operation are valid. If they are, a device 
driver usually calls IO support routines to tell the IO Manager that a device operation is 
pending on the IRP and to either queue or pass the IRP on to another driver-supplied 
routine that accesses the target device in the form of a physical or logical device such as a 
disk or a partition on a disk." (paragraph 0052)] 

"and skipping the determining and selectively-failing steps if the IRP does not merit scrutiny." 
[With respect to this limitation, Shaath discloses "when the storage medium supports the 
operation, the request and the data is passed on to the file system layer/' (paragraph 0074, 
lines 11-13)] 

As per claim 4, Shaath discloses "The method of claim 3, wherein: the checking step 
inspects whether the IRP includes the major function code IRPMJCREATE;" [With respect 
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to this limitation, Shaath discloses "The set of IRP major and minor function codes that a 
particular NT driver handles are sometimes device-type-specific. However, NT device and 
intermediate drivers usually handle the following set of basic requests: IRP MJ CREATE— 
open the target device object, indicating that it is present and available for IO operations; 99 
(paragraph 0059-0060)] 

and the skipping step skips if the IRP does not include IRP_MJ_CREATE." [With respect to 
this limitation, Shaath discloses "The set of IRP major and minor function codes that a 
particular NT driver handles are sometimes device-type-specific. However, NT device and 
intermediate drivers usually handle the following set of basic requests: IRP MJ CREATE— 
open the target device object, indicating that it is present and available for IO operations; 99 
(paragraph 0059-0060) where it is understood that NT device supports IRP_MJ_CREATE 
request] 

As per claim 5, Shaath discloses "The method of claim 2, wherein the IRP is received at a 
location in the stack represented by a device object;" [With respect to this limitation, the 
physical device driver checks its IO stack location to determine what operation... it should 
carry out on the target device, which is represented by the device object in its IO stack 
location and passed with the IRP to the driver 99 (paragraph 0051, lines 1-6)] 
"the characteristic information includes a volume-ID of the volume to which the device object 
corresponds;" [With respect to this limitation, Shaath discloses "the subsystem calls for an 
NT IO system service to open a name file 99 (paragraph 0042, lines 3-4), where it is 
understood that the name is an ID of the file]; 
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"and the determining step determines whether the IRP represents a request to change the volume- 
ID." [With respect to this limitation, Shaath discloses "determine what operation (indicated 
by the IRP MJ XXX function code) it should carry out on the target device" (paragraph 
0051, lines 2-4)1 

As per claim 6, Shaath discloses "The method of claim 5, wherein the volume-ID is the 
volume label." [With respect to this limitation, Shaath discloses "a named file" (paragraph 
0042, lines 3-4)] 

As per claim 7, Shaath discloses "The method of claim 2, further comprising: checking 
whether an identifier (ID) of the volume (volume-ID) in the IRP matches the volume-ID stored 
as corresponding to the volume;" [With respect to this limitation, Shaath discloses "The file 
system driver accesses its IO stack location in the IRP to determine what operation to carry 
out, checks parameters, determines if the requested file is in cache memory" (paragraph 
0044, lines 5-8)] 

"and choosing to fail the IRP if the volume-ID in the IRP does not match the stored volume-ID." 
[With respect to this limitation, Shaath discloses "some requests are blocked and error 
messages are returned to the application layer" (paragraph 0066, lines 15-16), where it is 
understood that if requests do not have a matching file name, it will fail to access any files] 

As per claim 8, Shaath discloses "The method of claim 7, further comprising: checking, if 
the volume-ID in the IRP does not match the stored volume-ID, whether the underlying initiator 
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to which the IRP corresponds has permission to change the volume-ID;" [With respect to this 
limitation, Shaath discloses "As is evident, the device driver supports delete operations as 
does any read/write data store. However, by indicating to the trap layer that delete 
operations are not supported, all delete requests passed from the application layer for the 
specific data store are intercepted by the trap layer and an error message is returned to the 
application layer." (paragraph 0068, lines 8-14)] 

"and failing the IRP if the initiator does not have permission to change the volume-ID." [With 
respect to this limitation, Shaath discloses "intercepted by the trap layer and an error 
message is returned to the application layer." (paragraph 0068, lines 13-14) 

As per claim 9, Shaath discloses "The method of claim 8, wherein the checking step 
checks one or more bits in an unreserved area of the IRP for a bit-pattern the presence of which 
indicates that the initiator has permission to change the volume-ID." [With respect to this 
limitation, Shaath discloses "the physical device driver checks its IO stack location to 
determine what operation (indicated by the IRP MJ XXX function code) it should carry 
out on the target device, which is represented by the device object in its IO stack location 
and passed with the IRP to the driver. This driver can assume that the IO Manager has 
routed the IRP to an entry point that the driver defined for the IRP--MJ XXX operation 
(here IRP MJ READ or IRP MJ WRITE) and that the higher-level driver has checked the 
validity of other parameters for the request." (paragraph 0051) where it is understood that 
different bits sequences indicate different IRP function codes.] 
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As per claim 10, Shaath discloses "The method of claim 7, further comprising: checking, 
if the volume-ID in the IRP does not match the stored volume-ID, whether the volume-ID in the 
IRP is available for use;" [With respect to this limitation, Shaath discloses "The IO Manager 
determines whether the device driver is already busy processing another IRP for the target 
device" (paragraph 0053, lines 1-3)] 

"and failing the IRP if the volume-ID in the IRP is not available for use." [With respect to this 
limitation, Shaath discloses "some requests are blocked and error messages are returned to 
the application layer" (paragraph 0066, lines 15-16)] 

As per claim 11, Shaath discloses "The method of claim 10, further comprising: 
comparing the volume-ID in the IRP to a list of existing volume-IDs." [With respect to this 
limitation, Shaath discloses "The file system driver accesses its IO stack location in the IRP 
to determine what operation to carry out, checks parameters, determines if the requested 
file is in cache memory" (paragraph 0044, lines 5-8)] 

As per claim 12, Shaath discloses "The method of claim 11, the method further 
comprising: updating, if the volume-ID in the IRP is found to be available for use, the list to 
include the volume-ID in the IRP." [With respect to this limitation, Shaath discloses "The file 
system driver accesses its IO stack location in the IRP to determine what operation to carry 
out, checks parameters, determines if the requested file is in cache memory" (paragraph 
0044, lines 5-8)] 
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As per claim 13, Shaath discloses "A machine-readable medium including instructions 
execution of which by a machine forestalls actions that would defeat an access-control 
mechanism for a volume of a storage-device, the machine-readable instructions comprising: a 
code segment that creates and attaches a filter device object to a stack of device objects 
representing a storage-device;" [With respect to this limitation, Shaath discloses "Disposed 
between the application layer and the file system layer is a trap layer also referred to as a 
filter layer. Each file system access request that is transmitted from the application layer to 
the file system layer is intercepted by the trap layer In the trap layer restrictions relating 
to access privileges are implemented. For example, some requests are blocked and error 
messages are returned to the application layer. Other requests are modified and the 
modified request passed onto the file system. When a data store is read only, a request to 
open a file for read write access is modified to an open file for read-only access; a request to 
delete a file is blocked and an error message is returned." (paragraph 0066, lines 9-21)] 
"a code segment for selectively preventing, at the stack-level, a change in characteristic 
information for the volume." [With respect to this limitation, Shaath discloses "Disposed 
between the application layer and the file system layer is a trap layer also referred to as a 
filter layer. Each file system access request that is transmitted from the application layer to 
the file system layer is intercepted by the trap layer. In the trap layer restrictions relating 
to access privileges are implemented. For example, some requests are blocked and error 
messages are returned to the application layer. Other requests are modified and the 
modified request passed onto the file system. When a data store is read only, a request to 
open a file for read write access is modified to an open file for read-only access; a request to 



Application/Control Number: 10/767,429 Page 1 1 

Art Unit: 2189 

delete a file is blocked and an error message is returned." (paragraph 0066, lines 9-21) 
where it is understood that the stack level is associated with device objects representing 
different volumes, which is similar to a trap or filter layer which is associated with device 
drivers operating with storage mediums. "For example, a storage medium may indicate 
read-write access but may not support delete operations. Device drivers perform low level 
commands such as read and write. Delete, is a write operation, the device driver 
performing write operations to obfuscate of overwrite a file. As is evident, the device driver 
supports delete operations as does any read/write data store. However, by indicating to the 
trap layer that delete operations are not supported, all delete requests passed from the 
application layer for the specific data store are intercepted by the trap layer and an error 
message is returned to the application layer.' 9 (paragraph 0068, lines 3-14)] 

As per claim 14, Shaath discloses "a code segment for receiving an input/output request 
packet (IRP) that is traversing a stack of device objects, the stack representing a data-storage 
device;" [With respect to this limitation, Shaath discloses "the file system driver accesses its 
IO stack location in the IRP to determine what operation to carry out, checks parameters, 
determines if the requested file is in cache memory, and if not sets up the next lower 
driver's IO stack location in the IRP" (paragraph 0044, lines 6-9) where file system driver 
receives IRP from IO manager] 

"a code segment for determining whether the IRP represents a request to change characteristic 
information for the storage- volume to which the stack corresponds;" [With respect to this 
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limitation, Shaath discloses "the file system driver accesses its IO stack location in the IRP 
to determine what operation to carry out" (paragraph 0004, lines 5-6)] 
"a code segment for selectively failing the IRP depending upon the type of change being 
requested." [With respect to this limitation, Shaath discloses "For example, some requests 
are blocked and error messages are returned to the application layer. Other requests are 
modified and the modified request passed onto the file system. When a data store is read 
only, a request to open a file for read write access is modified to an open file for read-only 
access; a request to delete a file is blocked and an error message is returned." (paragraph 
0066, lines 15-21)] 

As for claim 15, Shaath discloses "An apparatus for forestalling actions that would defeat 
an access-control mechanism for a volume at least a portion of which is on a storage-device, 
communication between an input/output (I/O) initiator and the storage-device taking place via a 
stack of device objects (DOs) representing the volume, the apparatus comprising: a memory in 
which is created the stack of device objects representing a storage-device, the stack including a 
filter device object (DO);" [With respect to this limitation, Shaath discloses "the file system 
driver accesses its IO stack location in the IRP to determine what operation to carry out, 
checks parameters, determines if the requested file is in cache memory, and if not sets up 
the next lower driver's IO stack location in the IRP" (paragraph 0044, lines 6-9) where file 
system driver receives IRP from IO manager] 

"and filter driver means for selectively preventing, at the stack-level, a change in characteristic 
information for the volume." [With respect to this limitation, Shaath discloses "Disposed 
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between the application layer and the file system layer is a trap layer also referred to as a 
filter layer. Each file system access request that is transmitted from the application layer to 
the file system layer is intercepted by the trap layer. In the trap layer restrictions relating 
to access privileges are implemented. For example, some requests are blocked and error 
messages are returned to the application layer. Other requests are modified and the 
modified request passed onto the file system. When a data store is read only, a request to 
open a file for read write access is modified to an open file for read-only access; a request to 
delete a file is blocked and an error message is returned." (paragraph 0066, lines 9-21) 
where it is understood that the stack level is associated with device objects representing 
different volumes, which is similar to a trap or filter layer which is associated with device 
drivers operating with storage mediums. "For example, a storage medium may indicate 
read-write access but may not support delete operations. Device drivers perform low level 
commands such as read and write. Delete, is a write operation, the device driver 
performing write operations to obfuscate of overwrite a file. As is evident, the device driver 
supports delete operations as does any read/write data store. However, by indicating to the 
trap layer that delete operations are not supported, all delete requests passed from the 
application layer for the specific data store are intercepted by the trap layer and an error 
message is returned to the application layer. 9 ' (paragraph 0068, lines 3-14)] 

As per claim 16, Shaath discloses "The apparatus of claim 15, wherein the filter driver 
means is further operable for determining whether an input/output request packet (IRP) arriving 
at the filter DO represents a request to change characteristic information for the storage-volume 
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to which the stack corresponds, and selectively failing the IRP depending upon the type of 
change being requested." [With respect to this limitation, Shaath discloses "the file system 
driver accesses its IO stack location in the IRP to determine what operation to carry out" 
(paragraph 0004, lines 5-6), "For example, some requests are blocked and error messages 
are returned to the application layer. Other requests are modified and the modified request 
passed onto the file system. When a data store is read only, a request to open a file for read 
write access is modified to an open file for read-only access; a request to delete a file is 
blocked and an error message is returned." (paragraph 0066, lines 15-21)] 

V. RELEVANT ART CITED BY THE EXAMINER 

8. The following prior art made of record and not relied upon is cited to establish the level 
of skill in the applicant's art and those arts considered reasonably pertinent to applicant's 
disclosure. See MPEP 707.05(c) 

The following reference teaches data transfer control methods. 
U.S. PATENT NUMBER 
US 6389427 
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Conclusion 



9. 



When responding to this office action, Applicant is advised to clearly point out the 



patentable novelty which he or she thinks the claims present, in view of the state of the art 
disclosed by the references cited or the objections made. He or she must also show how the 
amendments avoid such references or objections See 37 CFR 1.11 1(c). 

10. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Victor W. Wang whose telephone number is (571) 272-9771. 
The examiner can normally be reached on Monday through Friday, 8:30am - 6:00pm. E.S.T.. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Reginald Bragdon can be reached on (571) 272-4204. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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Patent Examiner 
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